Instagram Account Hacked: What To Do and How to React

05/10/2020

It is now back to normal and access to our precious Instagram profile of Still Miracle Photography has been restored! But I hope my horrible experience and tips will help others to prevent loss of the access to their Instagram account hacked.

Instagram Account Hacked: How To React

It has been the most stressful Sunday morning I could ever imagine. It started at 10.10 am on 10 May 2020 with the notification on Still_Miracle’s account “User not found” when I tried to access it from my iPhone. I realised that something was wrong with my account and immediately checked emails. I discovered 3 email notifications informing that within 1 minute my instagram account name was changed, e-mail and phone number were removed. I was so shocked and couldn’t believe that years of efforts, hundreds of posts, photographs, messages and connections could be lost just within a couple of minutes.

I pulled myself together and submitted a report to Instagram support team who replied at 10.20am with the following message:

“The account you’re referring to has been removed. We’re unable to restore accounts that have been permanently deleted. We’re sorry for any inconvenience this causes.

Thanks, The Instagram Team”

In the meantime, I received an email from unknown sender anyhirl92 @gmail.com informing that my account was hacked:

“It’s perfectly safe and we haven’t touched it. We are waiting for your reply 2 hours! If you do not respond, we will start to clear your account (delete photos) and sell your account! We are waiting for your reply!”

The hackers demanded USD275 for restoring my access to the Instagram account and threatened to delete the account within 2 hours if this request is not satisfied. However, I didn’t have any assurances that this will be done even if I pay the full amount. So I decided to exchange emails with the hackers asking for more details about the process of recovery and asked them to prove that my account was still safe. I also started discussing the payment options with them. All this just to win some time before the Instagram support team responds and react reacts.

I kept sending messages to the Instagram support team with more details from my conversation with the hackers, including print screens of their emails and requests. One of the hacker’s messages was the following:

“Our interest is only in money. We don’t need your account. We will restore it immediately after payment in 15 minutes. We will send you a login, password and instructions on how to protect your account.”

I kept communicating with the hackers and insisted to prove that Still Miracle account still exists and can be restored. They sent me a screenshot of the profile which appeared with Russian texts in the header and I realised that the hackers were from Russia. I switched the topic of the discussion on whether the payment can be made to the Russian bank and they provided a details of the Russian banking card with a card number, full name and phone number of the recipient. Since, the attack happened on Sunday it was not possible to make an immediate transfer and I explained this to the hackers. Then they started insisting on the payment in bitcoins via brd.com

While I was discussing various details with the hackers, time worked in our favour. That was the most stressful 2 hours while awaiting for the Instagram team to respond.

It was even more terrifying to find out that according to the Instagram’s policy that “if your account was deleted by you or someone with your password, there’s no way to restore it. You can create a new account with the same email address you used before, but you may not be able to get the same username”.

Instagram's policy

"if your account was deleted by you or someone with your password, there's no way to restore it. You can create a new account with the same email address you used before, but you may not be able to get the same username".

It Takes Patience for the Account Hacked to be Recovered

Eventually, after almost 2 hours of simultaneous communication with the hackers via email and Instagram support team, I received a life saving message and account recovery link from the helpdesk. I understood that I had to react quickly and change password via the link as quick as possible, which I did.

At the same time, hackers sent me a message that they see recovery attempts and will “gain access to the account again”. That felt like a blockbuster story when I had to compete with the criminals in real time. I saw in the Instagram’s login activity how they were attempting to change several fake email addresses to keep access to the account. Luckily, I was faster and managed to update password and email address.

Finally, the access was restored. Just in case the hackers succeed in their further attempts, I used the data download function and downloaded all the content with the photos, comments, profile information and other data shared on Instagram of Still Miracle Photography during previous years.

This was a challenging lesson and I feel relieved. Now I can share some tips with others on how to keep your Instagram account safe and what to do if you discover your account hacked.

Some security tips from our own experience on how to recover access to Instagram account hacked:

If you receive new proposals or enquiries from new (unknown) users or emails that ask you to click on a suspicious link (it may even not look suspicious) – never do that! never click the link or type in your instagram login details

If you discover that your Instagram account has been stolen – report this to Instagram support desk immediately. It is strongly recommended that you spend some time on your app to find where this support button is. That is crucial.

Hackers usually rename your account to a totally different random name (in my case it was – 167575670q0979878). Hackers also changed email and phone within 1 minute so I was not able to locate it.

It is crucial to find the renamed account hacked so that the Instagram support team can find it quicker and react. It helped me a lot that some of Still_Miracle’s previous posts were saved on my personal account. So I was able to identify the new name of my account. Advice: Save some posts or stories from your business account on a different (personal) account.

You have to provide all details to the Support Desk as quick as possible. Every minute matters! Be prepared to inform the Instagram helpdesk of the following:

A brief description of the issue you’re experiencing, including the date you last had access to your account and how you lost access

The email address or mobile phone number you used to sign up for your account.

Your account name, new account name created by hackers

The device you used to sign up for your account (example: iPhone, Android, iPad, computer). If you signed up on a computer or tablet, please also tell us which operating system you used (example: Windows, MacOS, Linux) when you signed up.

Any previous usernames you’ve had on the account you’re requesting support for

Very important: At the same time, you have to keep in touch with the hackers and keep conversation with them as long as possible not allow them to delete the account and to win some time for the Instagram support team to get on the issue and react

Other security tips for all Instagram users:

Pick a strong password which should always be different from other passwords you use on the Internet

Never give your password to someone you don’t know and trust

Make sure your email account is secure. Anyone who can read your email can probably also access your Instagram account. Change the passwords for all of your email accounts and make sure that no two are the same

Log out of Instagram when you use a computer or phone you share with other people. Don’t check the “Remember Me” box when logging in from a public computer, as this will keep you logged in even after you close the browser window

Be extremely cautious when authorising any third-party applications

Change your password regularly, especially if you see a message from Instagram asking you to do so

Data Download: To minimise the risk of the account hacked and loss of your data, make sure you download copy of everything you shared on Instagram. You can request a download of your data in a machine readable (JSON) format. You just need your Instagram account password to request this information. For more details please do not hesitate to refer to the support team pages.